Vulnerabilities > Projectworlds > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-10-28 CVE-2024-10432 SQL Injection vulnerability in Projectworlds Simple Web-Based Chat Application 1.0
A vulnerability has been found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as critical.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2024-10-27 CVE-2024-10424 SQL Injection vulnerability in Projectworlds Student Project Allocation System 1.0
A vulnerability has been found in Project Worlds Student Project Allocation System 1.0 and classified as critical.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2024-10-27 CVE-2024-10425 SQL Injection vulnerability in Projectworlds Student Project Allocation System 1.0
A vulnerability was found in Project Worlds Student Project Allocation System 1.0 and classified as critical.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2024-10-27 CVE-2024-10423 SQL Injection vulnerability in Projectworlds Student Project Allocation System 1.0
A vulnerability, which was classified as critical, was found in Project Worlds Student Project Allocation System 1.0.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2024-08-15 CVE-2024-42843 SQL Injection vulnerability in Projectworlds Online Examination System 1.0
Projectworlds Online Examination System v1.0 is vulnerable to SQL Injection via the subject parameter in feed.php.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2024-01-25 CVE-2024-22922 Improper Privilege Management vulnerability in Projectworlds Visitor Management System in PHP 1.0
An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to escalate privileges via a crafted script to the login page in the POST/index.php
network
low complexity
projectworlds CWE-269
critical
 9.8
9.8
2024-01-19 CVE-2024-0730 SQL Injection vulnerability in Projectworlds Online Time Table Generator 1.0
A vulnerability, which was classified as critical, was found in Project Worlds Online Time Table Generator 1.0.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2023-12-21 CVE-2023-48685 SQL Injection vulnerability in Projectworlds Railway Reservation System 1.0
Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'psd' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2023-12-21 CVE-2023-48687 SQL Injection vulnerability in Projectworlds Railway Reservation System 1.0
Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'from' parameter of the reservation.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2023-12-21 CVE-2023-48689 SQL Injection vulnerability in Projectworlds Railway Reservation System 1.0
Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'byname' parameter of the train.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8